1. Field of the Invention
The present invention relates generally to client-web server transactions. More particularly, the present invention relates to a method and apparatus for identifying a web server.
2. Description of the Related Art
The Internet and the World Wide Web (“web”) have become commonplace, providing millions of web sites. Many of these web sites employ hypertext transfer protocol (HTTP) as the primary protocol for the exchange of information between server and host, while other web sites employ a secure version of HTTP known as HTTPS. With HTTP, there is no reliable mechanism for distinguishing a legitimate web site from an illegitimate web site masquerading as the legitimate web site. Notably, the proliferation of the Internet and the web has spawned various mechanisms for fraudulently obtaining information from end users, such as phishing, pharming, domain name system (DNS) pinning, cache poisoning, and the like. Phishing is a mechanism whereby “phishers” attempt to fraudulently acquire sensitive information from end users by masquerading as a trustworthy entity in an electronic communication (e.g., an e-mail). Pharming is a mechanism that attempts to redirect traffic from a legitimate web site to another illegitimate or bogus web site. DNS pinning and cache poisoning involve attempts to exploit the DNS process to redirect traffic from legitimate web sites to illegitimate web sites.
Recently, phishing, pharming, and DNS-related attacks have risen dramatically and have negatively impacted the confidence of end users. Such attacks have resulted in billions of dollars in losses to enterprises. Accordingly, many technologies have been developed to combat such fraudulent mechanisms. Such technologies include a combination of client-side heuristics and whitelist/blacklist techniques to detect phishing, pharming, DNS attacks, and the like. Whitelist/blacklist techniques, however, require constant maintenance on the backend and continuous updates to the clients to maintain performance. It has become imperative to offer better security when interacting with web sites using non-secure means, such as HTTP. Accordingly, there exists a need in the art for an improved method and apparatus for identifying a web server as a legitimate web server.